Hackers Turn Velociraptor DFIR Tool Into Weapon in LockBit Ransomware Attacks

Updated on October 11, 2025

Threat actors are abusing Velociraptor, an open-source digital forensics and incident response (DFIR) tool, in connection with ransomware attacks likely orchestrated by Storm-2603 (aka CL-CRI-1040 or Gold Salem), which is known for deploying the Warlock and LockBit ransomware.
The threat actor’s use of the security utility was documented by Sophos last month. It’s assessed that the attackers…

Read the rest of the story at Read More

Source: The Hacker News

September 3, 2025 Uncategorized

Iranian Hackers Exploit 100+ Embassy Ema...

December 27, 2023 Uncategorized

Critical Zero-Day in Apache OfBiz ERP Sy...

May 30, 2025 Uncategorized

Hackers Turn Velociraptor DFIR Tool Into Weapon in LockBit Ransomware Attacks

Related posts

Iranian Hackers Exploit 100+ Embassy Ema...

Critical Zero-Day in Apache OfBiz ERP Sy...

U.S. Sanctions Funnull for $200M Romance...

Leave a Comment Cancel reply

Recent News

ShadowRay 2.0 Exploits Unpatched Ray Flaw to Build Self-Spreading GPU Cryptomining Botnet

Tsundere Botnet Expands Using Game Lures and Ethereum-Based C2 on Windows

ThreatsDay Bulletin: 0-Days, LinkedIn Spies, Crypto Crimes, IoT Flaws and New Malware Waves

CTM360 Exposes a Global WhatsApp Hijacking Campaign: HackOnChat

New Sturnus Android Trojan Quietly Captures Encrypted Chats and Hijacks Devices

Iran-Linked Hackers Mapped Ship AIS Data Days Before Real-World Missile Strike Attempt

TamperedChef Malware Spreads via Fake Software Installers in Ongoing Global Campaign

Hackers Actively Exploiting 7-Zip Symbolic Link–Based RCE Vulnerability (CVE-2025-11001)

Python-Based WhatsApp Worm Spreads Eternidade Stealer Across Brazilian Devices

WrtHug Exploits Six ASUS WRT Flaws to Hijack Tens of Thousands of EoL Routers Worldwide